/**
 * Copyright (c) 2011-2017, dafei 李飞 (myaniu AT gmail DOT com)
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not
 * use this file except in compliance with the License. You may obtain a copy of
 * the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations under
 * the License.
 */
package top.jnaw.jee.plugin.shiro;

import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.UnauthenticatedException;

/**
 * 访客访问控制处理器
 *
 * @author dafei
 */
class GuestAuthzHandler extends top.jnaw.jee.plugin.shiro.AbstractAuthzHandler {

  private static top.jnaw.jee.plugin.shiro.GuestAuthzHandler gah = new top.jnaw.jee.plugin.shiro.GuestAuthzHandler();

  private GuestAuthzHandler() {
  }

  public static top.jnaw.jee.plugin.shiro.GuestAuthzHandler me() {
    return gah;
  }

  public void assertAuthorized() throws AuthorizationException {
    if (getSubject().getPrincipal() != null) {
      throw new UnauthenticatedException(
          "Attempting to perform a guest-only operation. "
              + "The current Subject is not a guest "
              + "(they have been authenticated or "
              + "remembered from a previous login).  Access denied.");
    }
  }

}
